Senior Information Security Engineer

Hanover, MD or Remote USA

Dragos, Inc. logo
Dragos, Inc.
Apply now Apply later

Posted 2 weeks ago

As a member of the IT and Security team you support the infrastructure needs of the company. The team is crucial to developing scalable processes to support delivery of the Dragos product lines. The Senior Information Security Engineer is tasked with taking Security Policy and turn them into actionable guidelines.  You will work closely with various business unties to implement and ensure continued compliance.   Successful candidates will lead by example, help plan and carry out the organization’s information security strategy. You will develop a set of security standards and best practices for the organization and recommend security enhancements to management as needed. In addition, you will develop strategies to respond to and recover from a security breach and are also responsible for educating the workforce on information security through training and building awareness. This position is also available either in Hanover, MD or remote.  Preference is to Hanover, MD but the right candidate could be remote. 

Responsibilities

  • Proactively identify and resolve potential problems to prevent them from occurring and improve overall security posture. 
  • Prioritize workload based on severity and impact to company and demonstrate a sense of urgency when handling tasks
  • Participate in knowledge sharing via involvement in technical discussions and Knowledge Base documentation with other organizations
  • Assist in risk assessment and mitigation activities.
  • Conduct periodic network scans to find any vulnerability
  • Monitor networks and systems for security breaches, using software that detects intrusions and anomalous system behavior
  • Develop or implement open source/third-party tools to assist in detection, prevention and analysis of security threats
  • Awareness training of the workforce on information security standards, policies and best practices
  • Perform other duties and projects as assigned

Requirements

  • Direct experience with anti-virus software, intrusion detection, firewalls and content filtering
  • Experience with and knowledge of Endpoint security solutions, including file integrity monitoring and data loss prevention
  • Experience with AWS and cloud platform as a service (PaaS) security
  • Experience with automating security testing tools
  • Experience with Network Devices (Fortinet, Meraki)
  • Knowledge of risk assessment tools, technologies and methods
  • Experience designing secure networks, systems and application architectures
  • Knowledge of disaster recovery, computer forensic tools, technologies and methods
  • Experience planning, researching and developing security policies, standards and procedures
  • Professional experience in a system administration role supporting multiple platforms and applications
  • Ability to communicate network security issues to peers and management
  • Proficient technical problem-solving skills
  • Clear written communication skills, including trouble tickets and FAQ creation & maintenance
  • Knowledge of networking fundamentals.
  • Minimum 5 years of experience working within industry in related roles.

Nice to Hve

  • Bachelor’s Degree in Information Technology, Computer Science, Engineering or related field
  • Industry Certifications and memberships a plus
  • Hands on experience with Crowdstrike Falcon
  • Ability to fill multiple roles simultaneously
  • Hands-on experience with Windows 10, Office 365 (Account Management, Exchange Online, Azure, Intune)
  • Experience with Infrastructure as Code (Terraform)
  • Firewall administration experience, network or host-based
  • Ability to troubleshoot and resolve different levels of hardware and client desktop issues.
  • Linux/Unix operating system administration
  • Understanding of permission levels across Linux and Windows environments.
  • Start-up Experience preferred
  • Certified Information Systems Security Professional (CISSP)
  • CISA – Certified Information Systems Auditor (CISA)
  • CISM – Certified Information Security Manager (CISM)
Our mission at Dragos is to protect the world’s most critical infrastructure from adversaries who wish to do it harm. We help defend industrial organizations that provide us with the tenets of modern civilization: running water, functioning electricity, and safe industrial working environments. We are practitioners who have lived through and solved real security challenges. Our team members have responded to incidents including the Ukraine 2015 power grid attack, analyzed the CRASHOVERRIDE malware responsible for the Ukraine 2016 electric grid attack, analyzed the TRISIS malware responsible for the petrochemical facility attack in 2017, built and led the National Security Agency mission to identify nation-states breaking into ICS, and performed assessments on hundreds of assets around the world. We offer competitive salaries, equity, and a comprehensive benefits package including medical, dental, vision, disability, 401K and life insurance. Dragos is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse workforce. Come join us!
Job tags: AWS Azure CISA CISM CISSP Firewall ICS Industrial Linux Malware Network security Open Source PaaS Petrochemical Risk assessment Strategy Unix Windows